Why Webmails is the Only Working Email Solution

On Monday I wrote about my experimental shift to command line email clients. Or rather about being unhappy about the available command line client choices. Still, I sucked it up, configured Pine (well Apline but whatever) for my work IMAP and SMTP accounts and started using it. Guess what? Everything went better than expected.

Why not Mutt? Because Mutt didn’t scale. Mutt was designed to be a POP client first, whereas Pine was designed specifically for IMAP and it shows. Mutt takes about 3 minutes to “index” my inbox every time I start it. Pine opens in a fraction of a second.

Yes, Pine can be clunky at times. They keyboard shortcuts are kinda weird but they are not horrible. Pico is an abysmal editor, but you can tell it to use Vim or Emacs instead so this becomes a non-issue.

Best feature: Pine it is blazing fast. Hands down it beats the Webmail, Outlook, Thunderbird, and even Kmail. I just type in pine, and boom – my emails are on the screen. Every other client has to do a warm-up lap around the CPU, loading graphical widgets and whatnot. I hit R and boom, I’m composing email in vim.

I usually run my Pine instance inside Tmux so I can easily split my screen into two or more panes with one key-stroke. Or open a background “tab” session. As long as I stay within that terminal I can work without ever touching a mouse. You can’t do that with graphical email clients. There is usually a lot of context switching. You usually need a mouse to switch between the panes within the client, different actions pop up mouse driven dialogs and whenever you need to drop down to terminal you need to mouse your way to it.

The great thing about this is that a lot of my daily tasks can be done directly from the command line or using command line apps. Eliminating mouse out of the equation makes me about twice or three times as efficient. It more than makes up for the clunkiness of Pine.

Here is an example of how my email looks at the moment. I’m using Pine and Midnight Commander running side by side inside of Tmux.

After about a week of working like this I am actually finding myself working faster and being more productive. Also, the bare-bones layout of Pine inbox actually forces me to proactively clean and organize my inbox. Previously I would just let random semi-spammy emails languish in the inbox. Nowadays I flag and delete them with great prejudice.

So my conclusion is that Pine actually works quite well as a primary email client if you are willing to put a little work into it. It actually works very well with Zimbra – it lets me have a light, responsive and simple client, and a very powerful back-end engine that does a lot of filtering, spam-tagging and managing behind the scenes on the server side.

So what’s up with the title of this post? Well, one day this week I ended up working from home and pine stopped working. Why? Because my residential ISP blocks port 25, 587 and the equivalent ssl ports used by SMTP servers. For years now Internet Service Providers have been clamping down on outbound SMTP traffic as a spam counter-measure. These days most networks only allow email relaying through their own server, and only with authentication. Which really, really sucks if you have a laptop with a pop/imap + smtp client.

I wrote about this very problem back in 2008. I managed to forget how big of an issue this was for us back then. But believe me, it was a major, major thing. More or less it was the reason why we dropped standard pop/smtp setup and migrated to Zimbra. Yes, imagine that – the management was so fed up with non-functioning email that they actually decided to move to throw money at the problem.

Our switch was more or less transparent to users, because we hooked them up with a Zimbra Outlook Connector plugin. From their perspective the only change was that their Outlook now actually fucking worked at their houses, in the local coffee shops and at client locations.

How come ZCO works and standard SMTP does not? Because the folks at Zimbra pretty much gave up trying to make SMTP work. Instead trying to negotiate the SMTP minefield they decided to sync. So ZCO syncs your Outlook mailboxes via HTTPS and the server does the actual sending. As a result, only places with massively annoying firewalls give our employees email problems these days.

We have been free of this issue for so long that I forgot it even existed until I decided to use Pine outside of my office.

And yes, there are workarounds. I could change my SMTP server to the one provided by my ISP but that would not exactly be kosher security wise. I could probably establish some port tunneling and shunt my outbound SMTP traffic directly to my work network over ssh but that seems like a roundabout way of doing things.

The simplest, most direct solution to the problem at hand is to just stop fucking around log into the corporate webemail portal. Wemail just works.

Webmail is about the only solution that will always just work in an increasingly mobile environments. All email clients suck, but the main strength of webmail is that it will never actually break and it requires no setup. I knew that for years. I wrote about this on this very blog. I have been observing the exodus away from raw POP and IMAP to webmail portals since about 2007. But I forget, because I’m a power user.

I use gmail as my main client. I use yahoo mail as a spam trap. And I use Outlook via VPN and remote desktop for my work. All of this works quite fine. There are a couple of issues when I need to pass a non-text file from my local environment to Outlook, but it is rare and in that case i simply send myself an e-mail with gmail.

I probably don’t work on enough different public wifi networks to comment, but I certainly see your point about the ‘normal’ ports often being blocked. I fought with this at work until I figured out which port was open to enable my SSH tunnel.

IMO, the best way to use Mutt is in combination with Offlineimap. This not only gives you the advantage of a built-in mail backup, but makes Mutt start instantly as well…regardless of the state of your internet connection. I’ve got it nicely configured to handle two different gmail accounts (including setting correct From: address depending on which mailbox you are currently in.

As long as you have a server someplace with the ability to handle an SSH Socks proxy, the tunnel setup with autossh (perfect for roaming laptops) is just a .bashrc entry something like:
socks_port=5500
socks_server='homeserver'
mail_port=5505
smtp_outgoing_port=587
smtp_server='smtp.gmail.com'
autossh_options=( -M 0 -f -q -N -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" )

and in muttrc, configure your SMTP server like:
set smtp_url='smtp://mailusername:password@localhost:5505/'

Now if your Socks Proxy port is blocked as well…back to webmail :) But using Offlineimap means the transition between using webmail when necessary and using Mutt is completely seamless. There’s just a small lag depending on how often your cron job runs to sync offlineimap (mine’s 5 minutes).

Don’t give up on Mutt!! With Offlineimap and a Socks Proxy, you should be able to work from almost anywhere…

It’s a funny coincidence to see this subject now, as we just had our server go ka-boom* at work during a power outage Thursday. Maybe it will be up tomorrow? Granted, I’m hunky-dory not having email for a couple of days (but AutoCAD has been a bitch, certain features — some mandatory for my current workflow — cause crashes when the server goes away), but the sales guy (who goes on vacation … uh, now) was less than happy. Which prompts me to ask… for a small shop (four people with email accounts in the company), is locally hosting your email on one of the low-end, six-year-old Dell tower-style servers really the best idea, when you have no in-house IT staff? *shrug*

* Apparently, fried one of the hard drives. Which took out the whole thing, ’cause that’s just how it’s set up. The only solution apparently is a Dell-replacement hard drive — don’t ask me why. To be fair, while it was UPS’d, the power in our location really, really sucks… and since we kinda need our quarry, we don’t really have the option of just moving.

Yeah, emailing things via gmail – that’s kinda frowned upon here. Anything cloud is verboten because if it’s not on our server it is not considered secure. That said we do handle financial info for our clients so the privacy/confidentiality concerns are completely justified.

I think that if our email was down for a couple of days my boss would straight up murder someone. Probably me, cause my desk is closest to his office. :P Which is why our email server is enshrined in a data center and maintained by warrior monks who are sworn to prevent downtimes upon the pain of death.

Oh, and I know all about shitty power. Our building has “generator power” which is low voltage but enough to power a desk lamp or charge up your laptop (albeit slower than normal) but not enough to keep the UPS on our rack juiced up. So if we loose power, most of the lights stay on and most people’s computers work just fine, but the network goes away. I kinda wish we didn’t have any back-up power.

Here is the thing – if the entire building is pitch black, then no one can do any work and everyone just hopes for the best. When everyone’s lights and computers are up and working, but the network is dead because the generator power is too low voltage to power the beefy servers the entitled users get royally pissed off. They just can’t understand why some stuff works, and other stuff doesn’t. Like why can’t they print to a network printer on their desk – after all it’s right there, next to the laptop and it has noting to do with internet being down. :P

The owner’s comment was “I fucking hate computers.” That’s the top-down philosophy that drives our technology, unfortunately. He went on a rant about the “good old days” before everyone used so much technology… yeah. *I* know we need to do something else, his daughter (who runs most things these days) knows, the sales guy knows… but we’re powerless against the Luddite in Charge. I mean, for us, with no dedicated IT guy and four people using email, it’d be $200/yr to use Google A4D (which is probably not the best choice overall, but likely the simplest); that’s two hours of outsourced IT. But again I say: *shrug*

email client = Claws-Mail
A good email client which I prefer over Thunderbird, Kmail, Outlook etc, Integrates well with Clam AV or ClamWin AV, which have blocked malicious content. Bsfilter can be added for spam reduction (not especially effective so far)

webmail #1 = fastmail
No advertisements, portals, news or stuff I don’t wan’t. Fast and efficient. Uses https.
webmail #2 = gmail – Okay for non-sensitive emails…
webmail #3 = Yahoo! Free version is slow, clunky and has intrusive features – winding down my accounts but will retain at least one due to Yahoo! groups
The spam filtering is good though.

1) Have you told mutt to cache headers/messages?
set header_cache = ~/.mutt-caches/mcquay/cache/headers
set message_cachedir = ~/.mutt-caches/mcquay/cache/bodies

should yield snappy setup. I migrated from alpine to mutt, so I’m surprised to see someone go the other way. More than convert you back, I’d be interested to know what you like better about Alpine by comparison to Mutt.

2) Does your organization use PGP or GPG? Otherwise, it mostly doesn’t matter where you email is hosted (someone elses servers (called cloud), or on your servers). If you do, what is the magical recipe to training the technomuggleborns to use encryption?

Thanks for coining the term “Techno Muggle”, by the way; I use it bi-weekly.

Heh, the directors at my place are “computer savvy” in the sense that they know excel, so they essentially every problem is an excel macro problem. As in:

“So I was thinking if we could build a survey in excel, and then put int on the network, and then the employees would open it up, take the survey and save it. But we need a macro to save all the result, not just the latest. Can we do that?”

Then I’m like – why don’t we just make it an online survey and make it part of the intranet information/reporting/employee review thing that we already have. And we can plug in the results into the employee performance review page, which is the next thing I know you will ask me. And they are like:

“I don’t know… Won’t that be difficult to maintain? I mean, why don’t we do the excel thing and then have the online thing import from it. That should be easier, no?”

If we didn’t constantly fight for every little thing, the entire business would be running from within excel. :P

It was more of a spur of a moment thing – “Well, Mutt is being stupid, let me give Pine a try.” Plus I used pine extensively back when I was in college because I could. When we were given unix shell accounts it was like Christmas to me. :P

Oh, and no – we don’t use PGP or GPG. Our idea for encrypting internal email is SSL. Zimbra portal runs behind SSL and port 80 is blocked. We also use SIMAP and force SSL on SMTP. Internally when we email each other, the server is smart enough just to move emails between inboxes on the same machine. So as long as we send email internally everything is secure:

1. Employee laptops have full disk encryption
2. The communication between the laptop and the server is SSL encrypted
3. I don’t know about the server because someone else handles that but I think there is some encryption going in there too.

For communicating with the clients we usually use whatever they use. Our thing is that we are flexible at technology and have IT department whereas a lot of our competitors do not. So we usually ask them how they want to handle encryption and the answers range from:

One client used a some deprecated encryption software that was once upon a time maintained by McAfee but then they discontinued it. As in the removed the binaries from their site and put a note saying “do not use, this is deprecated and probably broken. So the client told us “no just go to olversions.com and get it from there. Sigh…

Oh, and one client likes to use shared folders in Dropbox. I’m like “you guys know that Dropbox has a back-door key to decrypt all their files on their network, right? It was like a big thing and they had to change their terms and conditions because of a PR backlash” and they are like “herp, derp, no it says it secure on their website so it must be true”.

But, you know – customer is always right, so if they want to use broken encryption that’s their funeral. We try to do our best to be secure on our end, and once it’s out of our hands and our servers it’s their problem.

Your email address will not be published. Required fields are marked *

Comment

Name *

Email *

Website

Currently you have JavaScript disabled. In order to post comments, please make sure JavaScript and Cookies are enabled, and reload the page.Click here for instructions on how to enable JavaScript in your browser.